Sandmap is a tool for network and system discovery scans using the infrastructure of the Nmap engine. It provides ease of use to users because it is added to the interface by automating Nmap scans. Scan results are much faster compared to nmap. Thanks to the nmap commands corresponding to the scanning modules, we can easily remember the nmap commands even if we forget them, and we can perform the scans in a faster and more practical way. Sandmap offers us many different possibilities, one of which is that we can use nmap and zenmap tools while inside the tool. In addition, by installing proxychains, we can explore and scan the tor network with the sandmap tool.
- Includes predefined and automated scans.
- Has NMAP Script support.
- Has TOR scanning support. (Requires proxychains tool's installation.)
- Can perform different scans at the same time.
- There are 459 different scanning options for 31 modules.
For Sandmap Installation;
(Nmap and xterm terminal emulator must be installed before installation.)
git clone https://github.com/trimstray/sandmap
If you see the text below after entering the commands one by one, our tool is ready to use. You can run the tool by typing sandmap into the terminal.
Create symbolic link to /usr/local/bin Create man page to /usr/local/man/man8
Above is an image of the interface. You can get information about what you can do by typing the Help command, and you can see the available scanning modules by typing list command.
Here is the screenshot of the result of the list command. We can start using it by adding 'use' to the beginning of the module we want to use. We may start the process by performing a port scan.
After this command, we can look at the scan features with the 'show' command.
Here, we see the names of the scanning modules, the IDs of the scanning modules on the left, and the corresponding commands in the nmap parameter on the right. In order to use the module, we first need to target our tool for this process;
set dest TARGET IP OR TARGET SERVER NAME
After this process, we start the scanning process by giving the
init MODUL ID NUMBER
command, whichever scan we want to do.
This is how we simply do the open port scanning processes. All possible scans are done with the same operations, first the target is specified and then scans are made with the init command. By using this tool, we can easily perform all scans without the need to memorize nmap commands.
Translator and Editor: @Dolyetyus
Original: Sandmap Nedir?